It has recently emerged that the Phorpiex it was the malware predominant in Angola during the month of March 2023, affecting 26,23% of companies, with the industry sector being the most targeted. The data is part of a Check Point study.
For that month, it seems that we did not completely escape the rule, because in Angola in the month of May, the Phorpiex maintained its leading position, followed by FromBook and by XMRig who rose in rank.
What are the main malware existing in Angola?
- Phorpiex - Phorpiex is a botnet (also known as Trick) which has been active since 2010 and at its peak controlled over a million infected hosts. It is known for distributing other families of malware through spam campaigns, as well as by feeding campaigns of spam and large-scale extortion;
- FromBook – O FormBook is an info stealer which targets the Windows Operating System and was first detected in 2016. It is marketed as malware Service (MaaS) on underground hacking forums for its strong evasion techniques and relatively low price. O Formbook collects credentials from various web browsers, collects screenshots, monitors and records keystrokes and can download and execute files according to your C&C orders;
- XMRig - O XMRig is an open source CPU mining software used to mine the Monero cryptocurrency. Threat actors often abuse this open source software by integrating it into their malware to illegally mine victims' devices.
O Phorpiex is an enduring botnet, active since 2010, known for extortion campaigns and for using worms antiquated that spread across units USB removable media and instant messaging applications. In recent years it has started to diversify its infrastructure to become more resilient and deliver more dangerous payloads. Today, the Phorphiex botnet continues to maintain a large network of bots and generates wide-ranging malicious activities, which traditionally included extortion and spamming activities and expanded to include cryptocurrency mining.
